[strongSwan] SHA-256 for IKE_AUTH (IKEv2) ?

Andreas Steffen andreas.steffen at strongswan.org
Mon Mar 31 09:11:44 CEST 2014


Hello Mugur,

strongSwan only supports SHA-1 with the RSA Digital Signature AUTH
payload but we are planning to support

http://tools.ietf.org/html/draft-kivinen-ipsecme-signature-auth-05

as soon as the "Signature Authentication in IKEv2" RFC is goint to be
published.

Best regards

Andreas

On 28.03.2014 15:09, ABULIUS, MUGUR (MUGUR) wrote:
> Hello,
> Can you please specify if StrongSwan supports for IKEv2 Authentication
> Payload
> RSA Digital signatures using SHA-256 as hash function?
> The RFC 5596 (IKEv2) at “§3.8 Authentication Payload” makes reference to
> RSAES-PKCS1-v1_5
> signature scheme for which the RFC 3447 includes SHA-256.
> Best Regards
> Mugur

======================================================================
Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4255 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20140331/95e00ee3/attachment.bin>


More information about the Users mailing list